hugefiles_downloader-ic4tmpajq.exe

Somoto Limited

This is the Somoto BetterInstaller, an installer that bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed without consent. The application hugefiles_downloader-ic4tmpajq.exe by Somoto Limited has been detected as adware by 16 anti-malware scanners. The program is a setup application that uses the Somoto BetterInstaller, an adware installer that bundles offers for third-party applications, mostly adware toolbars, with legitimate software. These offers are typically installed onto users' PCs by default, but may include an option to 'opt-out' during or after the installation process.
Publisher:
Somoto Limited  (signed and verified)

MD5:
f3a28883558978ecd5dbb089b82b5e94

SHA-1:
621a78e7fa56ee93cc5d2d8e9ca86c105a84ab10

SHA-256:
1c9b723ce40bca55114880ce3b70671aca191604b4f72157bef607342b490ec1

Scanner detections:
16 / 68

Status:
Adware

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/19/2024 2:55:27 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Application.Bundler.Somoto.J | 823 |
| Avira AntiVirus | APPL/Somoto.hzit | 7.11.170.174 |
| Baidu Antivirus | Adware.Win32.Agent | 4.0.3.14114 |
| Bitdefender | Application.Bundler.Somoto.J | 1.0.20.1540 |
| Clam AntiVirus | Win.Adware.Somoto | 0.98/21411 |
| Comodo Security | Application.Win32.Somoto.CK | 19408 |
| Emsisoft Anti-Malware | Application.Bundler.Somoto | 8.14.11.04.02 |
| ESET NOD32 | Win32/Somoto | 8.10360 |
| IKARUS anti.virus | PUA.Somoto | t3scan.1.7.5.0 |
| Kaspersky | not-a-virus:AdWare.Win32.Agent | 14.0.0.3000 |
| Malwarebytes | PUP.Optional.Somoto | v2014.11.04.02 |
| MicroWorld eScan | Application.Bundler.Somoto.J | 15.0.0.924 |
| NANO AntiVirus | Riskware.Nsis.Adware.dbnhrj | 0.28.2.61942 |
| Reason Heuristics | PUP.SomotoLimited.EE | 14.11.4.2 |
| SUPERAntiSpyware | PUP.Somoto/Variant | 10259 |
| VIPRE Antivirus | Trojan.Win32.Generic | 32778 |

File size:
220.9 KB (226,192 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Somoto BetterInstaller

Common path:
C:\users\{user}\downloads\hugefiles_downloader-ic4tmpajq.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
11/11/2013 1:00:00 AM

Valid to:
11/16/2015 1:00:00 PM

Subject:
CN=Somoto Limited, O=Somoto Limited, L=Tel Aviv, S=Tel Aviv, C=IL

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
05805984E5838EE41CFD82C4057379F9

File PE Metadata
Compilation timestamp:
12/17/2010 10:14:12 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
3072:e22ihA0m3BJX0owzZl9OHiGhFig+MIwjwOL1+MpvUDTdGSoGTTNbaAHd87b:RA0m3D0o4Zzb3gVbpsHvTJbaA9m

Entry address:
0x39AC

Entry point:
55, 89, E5, 57, 56, 53, 81, EC, 7C, 01, 00, 00, E8, 97, 46, 00, 00, 83, EC, 0C, 68, 01, 80, 00, 00, E8, 42, 43, 00, 00, 6A, 00, E8, AB, 46, 00, 00, 6A, 08, A3, 88, 4C, 42, 00, E8, B1, 28, 00, 00, 6A, 00, 68, 60, 01, 00, 00, A3, 38, 4D, 42, 00, 8D, 85, 90, FE, FF, FF, 50, 6A, 00, 68, A4, A2, 40, 00, E8, F0, 45, 00, 00, 83, EC, 0C, 68, A5, A2, 40, 00, 68, 68, 4D, 42, 00, E8, EF, 2A, 00, 00, 83, C4, 18, E8, FE, 42, 00, 00, 52, 52, 50, 68, 00, D0, 42, 00, E8, DA, 2A, 00, 00, 57, 6A, 00, E8, 39, 42, 00, 00, 83...

Code size:
28.5 KB (29,184 bytes)

The file hugefiles_downloader-ic4tmpajq.exe has been seen being distributed by the following 2 URLs.
